Home > Articles > Software Development & Management > Architecture and Design

  • Print
  • + Share This
This chapter is from the book

Summary

This chapter has shown that there is quite a bit to creating guards and walls. This is the reason I emphasize making the creation of guards and walls a specialized task within your organization.

Here are the major lessons of this chapter:

  • The walls are primarily responsible for fortification.

  • Three technologies are typically used to build walls:

    1. Firewalls

    2. Database security configuration

    3. Role-based security

  • All data coming into the fortress must be validated. Validation includes

    • Checking for string length violations

    • Checking for unexpected characters

  • Auditing is important if you need to track fortress changes.

  • Authentication is needed to verify that requests are coming from approved sources. Authentication is done with encryption/decryption algorithms based on either secret keys (in the shared-key system) or public/private keys (in the public/private–key system).

  • Privacy is about hiding data from prying eyes, which is accomplished by encryption/decryption.

  • Integrity means keeping data from changing as it passes through the drawbridge, which also makes use of encryption/decryption.

  • Nonrepudiation means being able to prove, at a later date, the source of an infogram. This is usually done with public/private–key systems.

  • Authorization, although it seems like a guard/wall issue, is usually done by a business application worker.

  • + Share This
  • 🔖 Save To Your Account